Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Sendmail < 8.10.0 mail.local Newline Handling Remote DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote Sendmail server does not properly identiy the '. ' string which identifies the end of message text. An attacker may use this flaw to remotely corrupt user mailboxes by sending a message line which is 2047 characters long and end in '. '.

Solution

Install sendmail 8.10.0 or higher.